Years ago, a merchant's crime threats were limited to an armed delinquent or a shoplifter. Today you can add the cyber thief to that list. This thief is looking for a more profitable payoff, your customer's/guest's payment card information. He or she is much more savvy and capable of doing more harm to your business than just emptying your hotel's front desk float or spa's cash register. This breed of thief can cost you thousands of dollars, your reputation, and the ability to accept payment cards.'

Since January 2005 more than 245 million databases containing sensitive and personal information have been involved in security breaches in the US alone (PrivacyRights.org). In 2007, the number of attacks on payment card processing doubled from 2006, a trend that we don't see diminishing. According to Visa Inc., 80% of all identified compromises occurred at Level 4Merchants' - businesses that process less than 1 million payment card transactions each year. And if you thought the hotel, resort, spa or hospitality industries were at all exempt from that, think again. Upwards of 55% of credit card fraud comes from the hospitality industry (The PCI Compliance Process for Hotels, American Hotel & Lodging Association).

Payment Card Industry Data Security Standard (PCI DSS or PCI). PCI was established to eliminate the risk and mistreatment of cardholder data, enhance payment account data security, and to ultimately protect the cardholder. In 2007, the PCI compliance grace period ended and became mandatory.

Unfortunately, spa, leisure, hotel and resort operations are lagging behind other industries. The clock is ticking and the hospitality industry needs to embrace the requirements set forth to comply with PCI.

This article is available in full at Hotel News Resource.